Another mail_crypt question: figure out to password secure using mysql

Aki Tuomi aki.tuomi at dovecot.fi
Fri May 26 17:44:39 EEST 2017


> On May 26, 2017 at 5:13 PM "dovecot at avv.solutions" <dovecot at avv.solutions> wrote:
> 
> 
> Hello Community,
> 
> (sorry to be more busy, hence more running questions in parallel :) )
> 
> As mentioned in another post, I am testing mail_crypt plugin.
> 
> I was wondering how to really secure the process so that even the admin 
> cannot have any access to the other users mail content.
> 
> 
> My current config is simple:
> 
> - using per-folder keys (hence the per-user spaces are preserved)
> 
> - put the public/private global keys in base64 format into the sql DB 
> (elliptic algo)
> 
> This obviously allows anyone with read access to the table to decrypt 
> the mails from the filesystem... which I try to prevent.
> 
> 
> Considering of course that all mail users are virtual and do not (and 
> may not) have access to the box itself:
> 
> - how can I secure the keys? I do not see how to handle a password for them?
> 
> - a solution might be to crypt/decrypt the keys using the user's password?
> 
> - other?
> 
> 
> Thank you for your help.

(sorry for possible duplicate)

You can use userdb attribute mail_crypt_private_password to encrypt the private key. You can use something like

userdb_mail_crypt_private_password = %{pkcs5;salt=<random string>%Lu:password}

to generate the encryption password on the fly from passdb.

Aki Tuomi
Dovecot Oy
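
A sketch of the idea in the reply above, as an added example that is not part of the original post and is not Dovecot code: the password protecting the private key is derived with PBKDF2 (PKCS#5) from the login password and a salt ending in the lowercased username, so the stored key blob cannot be opened from the database alone. The round count, salt string, toy wrap/unwrap cipher and all function names are assumptions for illustration.

```python
import hashlib, hmac, os

ROUNDS = 100_000                         # assumption: illustrative, not a Dovecot default
SITE_SALT = "constructed-random-string"  # stands in for <random string> in the setting

def derive_key_password(username: str, password: str) -> bytes:
    """PBKDF2 over the login password; salt = site salt + lowercased user (like %Lu)."""
    salt = (SITE_SALT + username.lower()).encode()
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ROUNDS)

def _subkeys(kpw: bytes):
    # Separate encryption and MAC keys derived from the key password.
    return (hmac.new(kpw, b"enc", hashlib.sha256).digest(),
            hmac.new(kpw, b"mac", hashlib.sha256).digest())

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap(private_key: bytes, kpw: bytes) -> bytes:
    """Toy encrypt-then-MAC wrapper; a stand-in for real private-key encryption."""
    enc, mac = _subkeys(kpw)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(private_key, _stream(enc, nonce, len(private_key))))
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def unwrap(blob: bytes, kpw: bytes) -> bytes:
    enc, mac = _subkeys(kpw)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong password: private key stays sealed")
    return bytes(a ^ b for a, b in zip(ct, _stream(enc, nonce, len(ct))))

def rewrap_on_password_change(blob: bytes, username: str, old_pw: str, new_pw: str) -> bytes:
    """The derived password follows the login password, so the key must be re-encrypted."""
    key = unwrap(blob, derive_key_password(username, old_pw))
    return wrap(key, derive_key_password(username, new_pw))
```

The derived value exists only while the user's cleartext password is available at login, and a password change has to go through a step like rewrap_on_password_change or the old key blob becomes unreadable.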

